• Journal of Service Research and Studies
• /
• v.6 no.3
• /
• pp.79-90
• /
• 2016

Wireless internet service is an important factor to support all industries. In order to connect and use the smart phones or the laptop via a wireless Internet connection, it has been increasing the hacking risks associated with it. As information spills through the DNS address modulation of the Internet router, hacking threats through a wireless router is present. In this paper, we are dealing with the hacking technique utilizing the overall vulnerability of a wireless LAN. We analyzed the need for the wireless LAN security through WEP encryption algorithm and the improved encryption algorithm. In addition, we presented a countermeasure against these hacking technologies which is WEP Crack using wireless vulnerability hacking technology, DDoS attacks, DNS Spoofing.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.277-280
• /
• 2011

VoIP is a technology of voice communication, using the existing internet network which sends and receives voice packets. VoIP has an advantage that VoIP is cheaper than an existing telephony, and the tech is vitalized lately. But recently you can download Volp Application in the Market that have a vulnerability(Anyone Can Upload). This weakness is wrongfully used that People are downloaded by encouraging about malignant code is planted. Signal intercepts indicates from this case. and paralysis by DDoS Attack, bypass are charged for hacking. Judging from, security threat of VolP analysis and take countermeasures. In the thesis we analyze the VoIP security caused on 'Soft Phone' and 'Smart Phone', and figure out security policies and delineate those policies on the paper.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.11a
• /
• pp.718-721
• /
• 2011

웹 서비스를 대상으로 하는 DDoS(Distributed Denial-of-Service) 공격 또는 유해 트래픽 유입을 탐지 또는 차단하기 위한 목적으로 HTTP(Hypertext Transfer Protocol) 트래픽을 실시간으로 분석하는 기능은 거의 모든 네트워크 트래픽 보안 솔루션들이 탑재하고 있는 필수적인 요소이다. 하지만, HTTP 트래픽의 실시간 데이터 측정 양이 시간이 지날수록 기하급수적으로 증가함에 따라, HTTP 트래픽을 실시간 패킷 단위로 분석한다는 것에 대한 성능 부담감은 날로 커지고 있는 실정이다. 이제는 응용 어플리케이션 차원에서는 성능에 대한 부담감을 해소할 수 없기 때문에 고비용의 소프트웨어 가속기나 하드웨어에 의존적인 전용 장비를 탑재하여 해결하려는 시도가 대부분이다. 본 논문에서는 현재 대부분의 PC 에 탑재되어 있는 그래픽 카드의 GPU(Graphics Processing Units)를 범용적으로 활용하고자 하는 GPGPU(General-Purpose computation on Graphics Processing Units)의 연구에 힘입어, NVIDIA사의 CUDA(Compute Unified Device Architecture)를 사용하여 네트워크 트래픽에서 HTTP 패킷 추출성능을 응용 어플리케이션 차원에서 향상시켜 보고자 하였다. HTTP 패킷 추출 연산만을 기준으로 GPU 의 연산속도는 CPU 에 비해 10 배 이상의 높은 성능을 얻을 수 있었다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.07a
• /
• pp.85-88
• /
• 2020

최근 악성코드의 발전은 사이버 위협의 전방면에 걸쳐 영향을 주고 있다. DDoS, APT를 포함한 스팸 발송 등과 같은 사이버 공격은 악성코드를 기반으로 한다. 또한 이에 대응하기 위해 다양한 형태의 악성코드 솔루션이 존재하고 있다. 악성코드 솔루션은 오픈소스와 상업용 프로그램으로 나눌 수 있는데 상업용 프로그램은 악성코드뿐만 아니라 PC관리의 전반적인 부분을 담당하고 있다. 악성코드를 탐지하는 방법은 시그니처 방식과 해시DB를 이용한 방식 등 다양한 방식이 있다. 본 논문에서는 오픈소스기반 악성코드 솔루션을 비교하여 어떠한 방식이 더 효과적인가를 분석하였다. 이를 통해 악성코드 방지 프로그램을 개발하려는 개발자가 비용효과적인 악성코드 탐지 방법을 잘 선택할 수 있는 가이드라인을 제공한다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.7
• /
• pp.1-8
• /
• 2017

As the IT environment becomes more sophisticated, various threats and their associated serious risks are increasing. Threats such as DDoS attacks, malware, worms, and APT attacks can be a very serious risk to enterprises and must be efficiently managed in a timely manner. Therefore, the government has designated the important system as the main information communication infrastructure in consideration of the impact on the national security and the economic society according to the 'Information and Communication Infrastructure Protection Act', which, in particular, protects the main information communication infrastructure from cyber infringement. In addition, it conducts management supervision such as analysis and evaluation of vulnerability, establishment of protection measures, implementation of protection measures, and distribution of technology guides. Even now, security consulting is proceeding on the basis of 'Guidance for Evaluation of Technical Vulnerability Analysis of Major IT Infrastructure Facilities'. There are neglected inspection items in the applied items, and the vulnerability of APT attack, malicious code, and risk are present issues that are neglected. In order to eliminate the actual security risk, the security manager has arranged the inspection and ordered the special company. In other words, it is difficult to check against current hacking or vulnerability through current system vulnerability checking method. In this paper, we propose an efficient method for extracting diagnostic data regarding the necessity of upgrading system vulnerability check, a check item that does not reflect recent trends, a technical check case for latest intrusion technique, a related study on security threats and requirements. Based on this, we investigate the security vulnerability management system and vulnerability list of domestic and foreign countries, propose effective security vulnerability management system, and propose further study to improve overseas vulnerability diagnosis items so that they can be related to domestic vulnerability items.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.6
• /
• pp.835-844
• /
• 2018

Recently, as the number of smartphone users has been increasing worldwide, various services such as electronic payment, internet use, and financial settlement are being used as a smartphone. In addition, researches for home appliance control and automobile control using smartphone are conducted. As such, smartphone users can enjoy a more convenient life, but by hacking smartphones, tapping texts and conversations on smartphones, tracking location through spy apps, DDoS attacks using smartphones, and malicious apps When a message is received at a specific telephone number when using a micropayment, the corresponding text message is transmitted to a remote server, thereby increasing the risk of leakage of personal information and the like. Therefore, in this paper, we define the risk factors of the smartphone that are caused by the internal and external environmental, physical, contents (apps) of the smartphone through the smartphone that we use in real life, We propose a method to check vulnerability of smartphone security solution such as CC evaluation and the most effective response technique for each risk of smartphone by defining the technique.

• Journal of KIISE:Computing Practices and Letters
• /
• v.15 no.9
• /
• pp.675-684
• /
• 2009

Internet worm can cause a traffic problem through DDoS(Distributed Denial of Services) or other kind of attacks. In those manners, it can compromise the internet infrastructure. In addition to this, it can intrude to important server and expose personal information to attacker. However, current detection and response mechanisms to worm have many vulnerabilities, because they only use local characteristic of worm or can treat known worms. In this paper, we propose a new framework to detect unknown worms. It uses macroscopic characteristic of worm to detect unknown worm early. In proposed idea, we define the macroscopic behavior of worm, propose a worm detection method to detect worm flow directly in IP packet networks, and show the performance of our system with simulations. In IP based method, we implement the proposed system and measure the time overhead to execute our system. The measurement shows our system is not too heavy to normal host users.

• Journal of KIISE:Databases
• /
• v.37 no.5
• /
• pp.258-266
• /
• 2010

In this paper, we introduce a novel method to predict next update of blogs. The number of RSS feeds registered on meta-blogs is on the order of several million. Checking for updates is very time consuming and imposes a heavy burden on network resources. Since blog search engine has limited resources, there is a fix number of blogs that it can visit on a day. Nevertheless we need to maximize chances of getting new data, and the proposed method which predicts update probability on blogs could bring better chances for it. Also this work is important to avoid distributed denial-of-service attack for the owners of blogs. Furthermore, for the internet as whole this work is important, too, because our approach could minimize traffic. In this study, we assumed that there is a specific pattern to when a blogger is actively posting, in terms of days of the week and, more specifically, hours of the day. We analyzed 15,119 blogs to determine a blogger's posting preference. This paper proposes a method to predict the update probability based on a blogger's posting history and preferred days of the week. We applied proposed method to 12,115 blogs to check the precision of our predictions. The evaluation shows that the model has a precision of 0.5 for over 93.06% of the blogs examined.

• Korean Security Journal
• /
• no.39
• /
• pp.185-215
• /
• 2014

Since North Korea has used terror crime as a means of unification under communism against South Korea, South Korea has been much damaged until now. And the occurrence possibility of terror crime by North Korean authority is now higher than any other time. The North Korean terror crimes of Kim Il Sung era had been committed by the dictator's instruction with the object of securing governing fund. However, looking at the terror crimes committed for decades during Kim Jung Il authority, it is revealed that these terror crimes are expressed as a criminal behavior because of the conflict to accomplish the power and economic advantage non powerful groups target. This study focused on the power conflict in various causes of terror crimes by applying George B. Vold(1958)'s theory which explained power conflict between groups became a factor of crime, and found the aspect by ages of terror crime behavior by North Korean authority and responding plan to future North Korean terror crime. North Korean authority high-ranking officials were the Labor Party focusing on Juche Idea for decades in Kim Il Sung time. Afterwards, high-ranking officials were formed focusing on military authorities following Military First Policy at the beginning of Kim Jung Il authority, rapid power change has been done for recent 10 years. To arrange the aspect by times of terror crime following this power change, alienated party executives following the support of positive military first authority by Kim Jung Il after 1995 could not object to forcible terror crime behavior of military authority, and 1st, 2nd Yeongpyeong maritime war which happened this time was propelled by military first authority to show the power of military authority. After 2006, conservative party union enforced censorship and inspection on the trade business and foreign currency-earning of military authority while executing drastic purge. The shooting on Keumkangsan tourists that happened this time was a forcible terror crime by military authority following the pressure of conservative party. After October, 2008, first military reign union executed the launch of Gwanmyungsung No.2 long-range missile, second nuclear test, Daechung marine war, and Cheonanham attacking terror in order to highlight the importance and role of military authority. After September 2010, new reign union went through severe competition between new military authority and new mainstream and new military authority at this time executed highly professionalized terror crime such as cyber/electronic terror unlike past military authority. After July 2012, ICBM test launch, third nuclear test, cyber terror on Cheongwadae homepage of new mainstream association was the intention of Km Jung Eun to display his ability and check and adjust the power of party/military/cabinet/ public security organ, and he can attempt the unexpected terror crime in the future. North Korean terror crime has continued since 1980s when Kim Jung Il's power succession was carried out, and the power aspect by times has rapidly changed since 1994 when Kim Il Sung died and the terror crime became intense following the power combat between high-ranking officials and power conflict for right robbery. Now South Korea should install the specialized department which synthesizes and analyzes the information on North Korean high-ranking officials and reinforce the comprehensive information-collecting system through the protection and management of North Korean defectors and secret agents in order to determine the cause of North Korean terror crime and respond to it. And South Korea should participate positively in the international collaboration related to North Korean terror and make direct efforts to attract the international agreement to build the international cooperation for the response to North Korean terror crime. Also, we should try more to arrange the realistic countermeasure against North Korean cyber/electronic terror which was more diversified with the expertise terror escaping from existing forcible terror through enactment/revision of law related to cyber terror crime, organizing relevant institute and budget, training professional manpower, and technical development.